I was part of a five-member team responsible for mitigating the risk of cyberthreats and fraud by monitoring and correlating multiple systems and applying advanced analytics to detect potential security breach attempts and protect financial privacy.
Responsibilities:
- Created dashboards, visualizations, statistical reports, scheduled searches and alerts, and worked on creating various other knowledge objects.
- Knowledge of Splunk architecture and its components (indexer, forwarder, search head, deployment server).
- Installed Universal and Heavy Forwarders to bring data of any kind into Splunk.
- Provided regular support and guidance to Splunk project teams on complex solutions and issue resolution.
- Helped application teams on-board to Splunk and create dashboards, alerts, reports, etc.
- Maintained and managed assigned systems, Splunk-related issues and administrators.
- Involved in admin activities; worked on inputs.conf, indexes.conf, props.conf and transforms.conf to set up time zones and timestamp extraction, complex event transformations and event breaking.
- Involved in standardizing Splunk forwarder deployment, configuration and maintenance across UNIX and Windows platforms.
- Designed and maintained production-quality Splunk dashboards.
- Created dashboards, reports and alerts for events and configured alert e-mail.
- Worked on DB Connect configuration for Oracle and MySQL.
- Developed scheduled alerts; experience with Deployment Server and Advanced XML.
- Created dashboards for various types of business users in the organization and worked on creating Splunk knowledge objects such as macros, IFX, calculated fields, tags, event types and lookups.
- Field extraction using IFX, the rex command and regular expressions in configuration files.
- Scripting and development skills (Perl, Python) with strong knowledge of regular expressions.
- Used techniques to optimize searches for better performance, including search-time field extractions; understanding of configuration files, their precedence and how they work.
- Knowledge of various chart types, alert settings and app creation; user and role access permissions; creating and managing apps, creating users and roles, and setting permissions on knowledge objects.
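As an added illustration of the props.conf/transforms.conf work and search-time field extraction listed above (this is a constructed example, not configuration from the author's environment; the sourcetype name, log format, path layout and regular expressions are assumptions), the stanzas below set a time zone, extract timestamps, define event breaking, add one index-time field via a transform, and define a search-time extraction:

```ini
# props.conf  (constructed example; sourcetype "bank_app_log" is assumed)
[bank_app_log]
# Every line is one event: break on newline and never merge lines
SHOULD_LINEMERGE = false
LINE_BREAKER = ([\r\n]+)
# Timestamp sits at the start of the line, e.g. "2024-05-01 13:45:12,123"
TIME_PREFIX = ^
TIME_FORMAT = %Y-%m-%d %H:%M:%S,%3N
MAX_TIMESTAMP_LOOKAHEAD = 23
# Source system logs in US Eastern local time; store the correct offset
TZ = America/New_York
# Index-time transform defined in transforms.conf below
TRANSFORMS-set_app = app_from_path
# Search-time extraction of the fields used by fraud/security dashboards
# (assumed log line: "level=WARN user=jdoe action=login src=203.0.113.10")
EXTRACT-fields = level=(?<level>\w+)\s+user=(?<user>\S+)\s+action=(?<action>\S+)\s+src=(?<src_ip>\d{1,3}(?:\.\d{1,3}){3})

# transforms.conf  (constructed example)
[app_from_path]
# Derive the application name from the source path (assumed layout
# /var/log/apps/<app>/...) and store it as the indexed field "app"
SOURCE_KEY = MetaData:Source
REGEX = /var/log/apps/([^/]+)/
FORMAT = app::$1
WRITE_META = true
```

The index-time settings (line breaking, timestamp, TZ, TRANSFORMS-) take effect only on the instance that parses the data, i.e. the indexer or a heavy forwarder, while EXTRACT- is applied on the search head at search time; both files are merged under Splunk's configuration precedence (system/local over app/local over app/default), so a competing stanza in a higher-precedence location silently wins. After deploying, check `_time` and `app` on a few freshly indexed events before building alerts on them, and keep fields search-time unless they are needed for performance, since indexed fields cannot be corrected without re-indexing.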
Environment: Splunk 6.x, Splunk ES, Splunk DBConnect2.0, Splunk ITSI, Splunk ITOA, D3.js, Tomcat 7.x, JBoss 7.x, BIGIP Load Balancers, SAML, Wily Introscope 6.0, Configured plug-ins for Apache HTTP server 2.4, RedHat Linux 6.x, JDBC, JDK1.7, J2EE, JSP, Servlets, XML, Oracle 11g, GI.